"I'm using an add-in architecture for a webforms project like the ones you used to talk about, based on Rocky's CSLA for validation but not his overhead. As usual everything is fine on my machine and our test server but when I drop it on a hosting company server I get 'System.Security.Permissions.ReflectionPermission' when I'm doing the clone of any data objects. I like the system (old school!) but I can you suggest a fast reason for this error?"

"Old school"... meaning actual logic written by a human? <g>

Anyway, you just have a Medium trust issue.

I take it you're using the DataContract attributes for the serialization? If so, maybe you went the extra mile (as we all do) and inherited from or added an IExtensibleDataObject implementation... even if you don't really have a reason to do any roundtripping of data. If you are and if you don't need the feature just try dropping the implementation.

If you DO need the roundtripping then it should be simple enough to make those IExtensibleDataObject signature methods all public.

[OnDeserialized]public void PostProc(StreamingContext cs)
{ //this is where you alter AFTER the property is set //_id = 22;}#endregion

Most sources just show them private but public can work too and should get around the partial trust restriction of not letting you get at private members.

In verifying this I noticed that some people say to drop a copy of the system.runtime.serialization.dll in your site bin... I don't know if that works or not on all hosting company permission sets but seems like overkill anyway.

Between us, if you don't have a real need for the features that IExtensibleDataObject offers then not doing the implementation is probably your cleanest bet.

... update:

"Thanks! I wasn't using IExtensibleDataObject but now that I look at it it is a cool option. Your reply pointed me at the problem though. One of my properties wasn't public. DOH!"

My assuming you over-coded was an over-assumption! Someday I hope to not be human :)